Folks,

Loops in DNS are an old problem, but as our tsuname[0,1] disclosure last May shows, they are still a problem.

We wrote a new draft that adds a new requirement to existing solutions: recursive resolvers must detect and negative cache problematic (loop) records.

It would be nice to hear what folks have to say.

Thanks,

/giovane

Giovane C.M. Moura
SIDN Labs

[0] https://tsuname.io
[1] https://www.isi.edu/~johnh/PAPERS/Moura21b.pdf

------

A new version of I-D, draft-moura-dnsop-negative-cache-loop-00.txt has been successfully submitted by Giovane C. M. Moura and posted to the IETF repository.

Name: draft-moura-dnsop-negative-cache-loop
Revision: 00
Title: Negative Caching of Looping NS records
Document date: 2021-11-08
Group: Individual Submission
Pages: 8
URL: https://www.ietf.org/archive/id/draft-moura-dnsop-negative-cache-loop-00.txt
Status: https://datatracker.ietf.org/doc/draft-moura-dnsop-negative-cache-loop/
Htmlized: https://datatracker.ietf.org/doc/html/draft-moura-dnsop-negative-cache-loop

Abstract:
This document updates guidance about detecting DNS loops in recursive resolver algorithms with new requirements to require recursive resolvers to detect loops and to implement negative caches.

The IETF Secretariat

_______________________________________________
DNSOP mailing list
https://www.ietf.org/mailman/listinfo/dnsop
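The requirement described in the message above (detect a looping NS dependency, then negative cache it) can be sketched as follows. This is an added example, not code from the draft or from any resolver; the zone data is constructed, and the class name LoopAwareResolver, its methods and the NEG_TTL value are assumptions made for illustration.

```python
import time

# Constructed delegation data: zone -> names of its NS hosts (no glue).
# example.org. and example.net. point at each other: a cyclic dependency.
DELEGATIONS = {
    "example.org.": ["ns1.example.net."],
    "example.net.": ["ns1.example.org."],
    "example.com.": ["ns1.good.example."],
}
ADDRESSES = {"ns1.good.example.": "192.0.2.53"}  # the only resolvable NS host
NEG_TTL = 60  # seconds; assumed value, not taken from the draft


class LoopAwareResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.neg_cache = {}        # zone -> expiry time of "this zone loops"
        self.upstream_queries = 0  # queries that would leave the resolver

    @staticmethod
    def _zone_of(name):
        # Closest enclosing zone we hold a delegation for, or None.
        labels = name.split(".")
        for i in range(1, len(labels)):
            if ".".join(labels[i:]) in DELEGATIONS:
                return ".".join(labels[i:])
        return None

    def resolve_ns_address(self, zone, chain=()):
        """Return an address of a name server for zone, or None."""
        if self.neg_cache.get(zone, 0) > self.clock():
            return None  # known loop: answer locally, send nothing upstream
        if zone in chain:
            # Zone revisited while resolving its own NS names: cache the cycle.
            for looped in chain[chain.index(zone):]:
                self.neg_cache[looped] = self.clock() + NEG_TTL
            return None
        for ns in DELEGATIONS.get(zone, []):
            self.upstream_queries += 1
            if ns in ADDRESSES:
                return ADDRESSES[ns]
            parent = self._zone_of(ns)
            if parent is not None:
                addr = self.resolve_ns_address(parent, chain + (zone,))
                if addr is not None:
                    return addr
        return None
```

Without the negative cache, every client query for a name under the looping zones would repeat the same walk and the same upstream queries; with it, the walk happens once per NEG_TTL.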
